Jump to content


  • Tweets

  • Posts

    • Hi all, We bought a part to fix our washing machine approx 13 months ago direct from the manufacturer of the washing machine via phone. This part then failed 13 months later, as confirmed by their own engineer, who was sent by the manufacturer (who is also the retailer for the part) FoC. The engineer actually installed a replacement part, the machine came back to life, but they then removed the part used for testing (and ours reinstalled) as "we would be charged for it". The retailer are refusing to replace the part, stating that they only warranty parts for 90 days. When I stated that I believed the Consumer Rights Act gives me longer than that, they insinuated that it did not, and this was repeated by many representatives. AIUI for goods bought more than 6 months ago, I need to get an engineers report to confirm the part has failed? Or that it has failed due to manufacturing issues? Or would the companies own engineers report suffice? Also, does anyone have any other decent contact details for Hotpoint (or the Whirlpool group)? Thanks, GH
    • Thank you for that "read me", It's a lot to digest, lots of legal procedure. There was one thing that I was going to mention to you,  but in one of the conversations in that thread it was mentioned that there may be spies on the Forum,  this is something that I've read quite some time ago in a previous thread. What I had in mind was to wait for the thirty days after their reply to my CCA request and then send the unenforceable letter. I was hoping that an absence of signature could be the Silver Bullet but it seems that there are lot of layers to peel on this Onion.  
    • love the extra £1000 charge for confidentialy there BF   Also OP even if they don't offer OOC it doesn't mean your claim isn't good. I had 3 against EVRi that were heard over the last 3 weeks. They sent me emails asking me to discontinue as I wouldn't win. Went infront of a judge and won all 3.    Just remember the law is on your side. The judges will be aware of this.   Where you can its important to try to point out at the hearing the specific part of the contract they breached. I found this was very helpful and the Judge made reference to it when they gave their judgements and it seemed this was pretty important as once you have identified a specific breach the matter turns straight to liability. From there its a case of pointing out the unlawfullness of their insurance and then that should be it.
    • I know dx and thanks again for yours and others help. I was 99.999% certain last payment was over six years ago if not longer.  👍
  • Recommended Topics

  • Our picks

    • If you are buying a used car – you need to read this survival guide.
      • 1 reply
    • Hello,

      On 15/1/24 booked appointment with Big Motoring World (BMW) to view a mini on 17/1/24 at 8pm at their Enfield dealership.  

      Car was dirty and test drive was two circuits of roundabout on entry to the showroom.  Was p/x my car and rushed by sales exec and a manager into buying the mini and a 3yr warranty that night, sale all wrapped up by 10pm.  They strongly advised me taking warranty out on car that age (2017) and confirmed it was honoured at over 500 UK registered garages.

      The next day, 18/1/24 noticed amber engine warning light on dashboard , immediately phoned BMW aftercare team to ask for it to be investigated asap at nearest garage to me. After 15 mins on hold was told only their 5 service centres across the UK can deal with car issues with earliest date for inspection in March ! Said I’m not happy with that given what sales team advised or driving car. Told an amber warning light only advisory so to drive with caution and call back when light goes red.

      I’m not happy to do this, drive the car or with the after care experience (a sign of further stresses to come) so want a refund and to return the car asap.

      Please can you advise what I need to do today to get this done. 
       

      Many thanks 
      • 81 replies
    • Housing Association property flooding. https://www.consumeractiongroup.co.uk/topic/438641-housing-association-property-flooding/&do=findComment&comment=5124299
      • 160 replies
    • We have finally managed to obtain the transcript of this case.

      The judge's reasoning is very useful and will certainly be helpful in any other cases relating to third-party rights where the customer has contracted with the courier company by using a broker.
      This is generally speaking the problem with using PackLink who are domiciled in Spain and very conveniently out of reach of the British justice system.

      Frankly I don't think that is any accident.

      One of the points that the judge made was that the customers contract with the broker specifically refers to the courier – and it is clear that the courier knows that they are acting for a third party. There is no need to name the third party. They just have to be recognisably part of a class of person – such as a sender or a recipient of the parcel.

      Please note that a recent case against UPS failed on exactly the same issue with the judge held that the Contracts (Rights of Third Parties) Act 1999 did not apply.

      We will be getting that transcript very soon. We will look at it and we will understand how the judge made such catastrophic mistakes. It was a very poor judgement.
      We will be recommending that people do include this adverse judgement in their bundle so that when they go to county court the judge will see both sides and see the arguments against this adverse judgement.
      Also, we will be to demonstrate to the judge that we are fair-minded and that we don't mind bringing everything to the attention of the judge even if it is against our own interests.
      This is good ethical practice.

      It would be very nice if the parcel delivery companies – including EVRi – practised this kind of thing as well.

       

      OT APPROVED, 365MC637, FAROOQ, EVRi, 12.07.23 (BRENT) - J v4.pdf
        • Like
  • Recommended Topics

ICO Response to FOI Enquiry


Seminole
style="text-align: center;">  

Thread Locked

because no one has posted on it for the last 6436 days.

If you need to add something to this thread then

 

Please click the "Report " link

 

at the bottom of one of the posts.

 

If you want to post a new story then

Please

Start your own new thread

That way you will attract more attention to your story and get more visitors and more help 

 

Thanks

Recommended Posts

Anyone who has been following the Seminole v Abbey thread will know that I have been in coreespondence with the ICO regarding their "prelinanry view" that Abbey's microfche archive does not represent a relevant filing system under the DPA.

 

By way of background, I made a Section 7 claim and Abbey responded (on a without prejudice basis) that they had received the above prelim view. I then asked the ICO for details of this under the Freedom of Information Act. They sent me copies of a couple of emails between the ICO and Abbey's of Data Protection around the 24 March in which the ICO officer expressed the above view. Subsequently I requested a lot more information under the FOI and I received the response below. The various emails and other documents are set out in the second post of this thread. I haven't read everything yet but I think it's important to publish this as soon as possible.

 

I have set this up as a separate thread because it raises some very general issues and the seminole thread is now coming to the end of its life.

 

Re: Your Request for Information of the Information Commissioners Office’s correspondence with Abbey about their microfiche system.

You asked us to provide you with:

  • “Copies of all correspondence, file notes and emails in respect of the enquiry made by Debbie Waghorn on 23 March 2006 regarding the relevant filing system status of Abbey National plc’s microfiche archive system.”

We can confirm that you were sent all correspondence that we held regarding that enquiry at that time in response to your previous request (ref. FOI/370). We have attached a copy of an internal email dated 13th June 2006 from Mr Ansell to other ICO staff explaining that Abbey would be sending him a further email on this matter. He also refers to a letter Abbey would be sending to another member of staff regarding a complaint

Mr Ansell’s email of the 13th June 2006 also states that we are reviewing our approach to relevant filing systems in the banking sector. We intend to visit two or three banks in order to better understand how any non-electronic records are held. We are also reviewing our guidance on relevant filing systems in general. This may well lead us to give further guidance on which non-automated records fall within the definition. I do not consider it likely, even if we do issue revised guidance, that this will mean that microfiche records held in boxes where bank staff have to manually search through them to locate records relating to a particular account will fall within the definition of relevant filing system.

Mr Ansell duly received by email and post, a further letter from Abbey in which they give a detailed explanation of how their microfiche records are held and accessed. However, whereas they agreed to the release of their earlier email correspondence with us on this matter, when we asked them whether they objected to us providing you with a copy of the recent letter they made it clear that they had very strong objections. They stated that it was their view that it would inhibit open and frank communications with this office if they always had to be mindful that details of advice they had sought, or information they had provided, might appear in the public domain.

This engages section 59 of the Data Protection Act 1998 (DPA) which makes it an offence to disclose confidential information provided to the Commissioner. Where certain conditions apply the Commissioner may legitimately disclose confidential information provided to him even if the individual or organisation objects. However, we do not believe that any of these conditions apply in this case. We, therefore, consider that the letter in question is exempt from disclosure under section 44 of Freedom of Information Act 2000 (FoIA) because its disclosure is prohibited by law.

  • “Copies of the recordings of the telephone conversation between Debbie Waghorn and Richard Ansell that seems to have taken place on 23 March 2006 and any further telephone conversations about this matter that took place after this.

The ICO does not generally record telephone conversations and no conversations that took place between Debbie Waghorn and Richard Ansell were recorded.

  • “Copies of any correspondence and recordings of telephone conversations that took place between the Information Commissioner’s Office (ICO) and Abbey or their solicitors regarding my Freedom of Information Act enquiry dated 14 June 2006 with your reference FOI/370 or confirm that no such correspondence or telephone conversations took place.”

The ICO does not generally record telephone conversations and no conversations between the ICO and Abbey regarding your FoIA request dated 14th June 2006 (ref. FOI/370) were recorded. We can confirm that Mr Ansell telephoned Abbey to inform them that the ICO were going to supply you with the email correspondence dated 23rd and 24th March 2006 between Abbey and Mr Ansell in response to your FOI request of the 14th June (ref. FOI/370). During this telephone call, Mr Ansell enquired as to whether Abbey had any objections to this. Abbey responded over the phone and later by email confirming that they had no objections. Please see the attached email dated 27th June 2006 for Abbey’s response. Please note that the attachment sent with this email has not been provided to you for the reasons set out above.

  • “Copies of the assessment criteria and procedural guidelines under which Richard Ansell expressed his opinion in his email dated 24 March 2006. (I am particularly interested in how such an opinion could be reached and the criteria used to assess whether a filing system is relevant).

Mr Ansell based his opinion on guidance produced by the ICO entitled “The ‘Durant’ Case and its impact on the interpretation of the Data Protection Act 1998”. A copy of this is attached for your reference and it can also be accessed on our website by clicking this link: http://www.ico.gov.uk/cms/DocumentUploads/Durant_27_feb_06.pdf.

  • “Please confirm the legal and regulatory status of the opinion expressed in Richard Ansell’s email of 24 March 2006. What are your policies and procedures for referring to such opinions in considering complaints by data subjects? (This is a particularly important issue. Abbey are clearly relying on Mr Ansell’s opinion in refusing to comply with Subject Access Requests for information recorded on microfiche. In doing so they are actively seeking to deter SARs and, by expressing an informal opinion, the ICO is in danger of being seen as complicit in this process if a court subsequently decides that Abbey’s microfiche archive system is a relevant filing system).

Mr Ansell’s opinion was based on the information provided by Abbey in their email dated 23rd March 2006, Mr Ansell used the legal guidance produced by this office (as above) as the basis for his decision. The status of Mr Ansell’s opinion is that it is a considered view of an experienced member of ICO staff. It is not a final or definite determination of the legal position and a data controller may not agree with it. Similarly the Information Tribunal or a Court may take a different view.

If the ICO is supplied with information by a data controller, as we were by Abbey, and requested to give an opinion about a Data Protection issue, the opinion, decision or research is stored on file. This information can then be accessed by the relevant teams that deal with complaints from data subjects (within our Casework and Advice Division). If this opinion or correspondence is relevant to a complaint made by a data subject about a data controller, the Case Officer may refer to this opinion in their response.

  • “What are your procedures for publicising opinions such as that expressed by Richard Ansell in his email of 24 March 2006? (I am particularly concerned that Mr Ansell provided a response to Debbie Waghorn within 24 hours but it has taken more than two weeks for the ICO to provide a copy of this opinion to a data subject. This seems to at variance with the ICO’s role of protecting data subjects).

The ICO does not publish the advice or opinions our members of staff provide to data controllers when they ask us for assistance on a particular matter. However, the ICO does publish the guidance that we use to help us provide this advice. We have attached a copy of the guidance used in this case (described above) and it can also be found on our website at:

http://www.ico.gov.uk/cms/DocumentUploads/Durant_27_feb_06.pdf.

  • “Please confirm how many complaints under Section 7 of the DPA you have received since 1 January 2006 regarding Abbey’s microfiche archive system.

Since 1st January 2006 our Casework and Advice Division has received 25 requests for assessments (RFAs) under section 42 DPA which involve complaints about subject access requests made to Abbey under section 7 DPA.

  • “Please provide me with a copy of your procedures for determining whether any filing system constitutes a “relevant filing system” within the meaning of the DPA. Please provide me with copies of all formal opinions expressed by the ICO about relevant filing systems and any informal opinions expressed about microfiche based systems and bank transaction archive systems (other than that already provided. I am seeking to understand how you make such assessments and the basis on which such assessments have been made in the past. I am happy to accept electronic copies of any documents).

The guidance used to determine whether a filing system constitutes a ‘relevant filing system’ is attached and is on our website. It can be accessed by clicking on the following link:

http://www.ico.gov.uk/cms/DocumentUploads/Durant_27_feb_06.pdf.

This guidance constitutes the ICO’s current formal opinion on what is a relevant filing system. It is conceivable that opinions about microfiche based systems and bank transaction archive systems could have been included by members of ICO staff in response to enquiries and complaints received from data subjects and data controllers. These opinions will have been based on the most up to date published legal guidance on what constitutes a relevant filing system at that time.

It is not possible to conduct an electronic search of our casework system to retrieve every opinion expressed by any member of staff on the issue of relevant filing systems, microfiche and bank transaction archive systems. This is because the enquiries we receive and the advice we give are not stored in such a way that allow us to determine the exact content of each piece of correspondence. As such, it would take an exceptionally long time to locate copies of these informal opinions and the cost of complying with this request would be huge.

The Freedom of Information and Data Protection (Appropriate Limit and Fees) Regulations 2004 sets a financial limit for the cost of complying with FoIA requests. The financial limit applicable for the ICO is £450. It would cost far more than this to provide you with the information you have requested as it would take a member of staff a long time to go through every piece of correspondence we have sent out to every complainant and organisation to determine whether the information you have requested is held, to locate then retrieve and extract this information.

If you are dissatisfied with the response you have received and wish to request a review of our decision or make a complaint about how your request has been handled you should write to the Information Request Team at Wycliffe House, Water Lane, Wilmslow, SK9 5AF or e-mail [email protected].

If having exhausted the review process you are not content that your request or review has been dealt with correctly, you have a further right of appeal to this office in our capacity as the statutory complaint handler under the legislation. To make such an application, please write to the Senior Complaints Resolution Manager, Complaints Resolution Team at the address above or e-mail [email protected].

A copy of our review procedure is attached along with details of our enforcement powers and your rights of appeal.

Yours sincerely,

Jenny Wolfe

Guidance and Promotion Manager

Encs.

1. Copy of an internal email dated 13th June 2006 from Mr Ansell to other ICO staff explaining that Abbey would be sending him the email dated 23rd March.

2. Copy of an email dated 27th June 2006 from Ms Waghorn to Mr Ansell confirmeing Abbey has no objections to the correspondence dated 23rd and 24th March being provided in response to your FOI request dated the 14th June (ref. FOI/370).

3. Copy of the ICO’s guidance entitled “The ‘Durant’ Case and its impact on the interpretation of the Data Protection Act 1998”.

4. Copy of our review procedure any details of your rights of appeal.

Link to post
Share on other sites

Appendices:

 

-----Original Message-----

From: Richard Ansell

Sent: 13 June 2006 13:04

To: Matthew J. Negus; Dewi Bellis

Cc: Stephen R. Douglas; Helen J. Raftery; David J. Evans; Carol Hufton

Subject: Abbey National fiche issue

Matt/Dewi

Debbie Waghorn rang as she is dealing with cases from yourselves and wanted to give me further details about their manual fiche system and how difficult it is to access any particular record. She is going to confirm this to me by e-mail (which I will copy to you both) and include details in a letter going out today to Dewi.

I advised Debbie that we were reviewing our approach to relevant filing systems in the banking sector as a result of the current bank charges/access to statements issue that has blown up. To assist in this I asked if we might be able to visit and see Abbey's fiche system at first hand. She said she thought this would be a good idea and would first need to check with her Manager and advise.

I will keep you posted on developments.

Richard

 

=====================================================

 

The ‘Durant’ Case and its impact on the

interpretation of the Data Protection Act

1998

Introduction

This guidance addresses the Court of Appeal’s consideration of the question of when information falls within the definition of ‘personal data’. The Court’s ruling dealt with information which in some way concerns an identifiable living individual but which is not obviously about them. The guidance is to be read in conjunction with the Commissioner’s more general guidance on ‘personal data’ contained in ‘The Data Protection Act 1998 – Legal Guidance’

It is also important to note that the Data Protection Act 1998 implements the EU Data Protection Directive (95/46/EC). As the Court of Appeal in this case recognised, the Act should "be interpreted, so far as possible in the light of, and to give effect to, the Directive’s provisions". The Court also referred to relevant case law of the European Court of Justice.

This guidance will shortly be replaced by more general guidance on the scope of ‘personal data’. This new guidance will be informed by the work of the Article 29 Working Party subgroup that is currently looking into the meaning of ‘personal data’.

In the recent case of Durant v Financial Services Authority1 the Court of Appeal considered four important issues of law concerning the right of access to personal data. To the extent that the judgment provides clarity on these issues and reiterates the fundamental link between data protection and privacy rights it is welcomed by the Information Commissioner. This paper focuses on what the Commissioner considers to be the two most important of the issues considered by the Court, namely:

1. What makes "data" "personal" within the meaning of "personal data"?

and

2. What is meant by a "relevant filing system"?

This document is aimed in particular at specialist data protection officers and professional advisers.

What "data" are "personal" for the purposes of the Data Protection Act 1998 ("DPA")

1 Michael John Durant v Financial Services Authority [2003] EWCA Civ 1746, Court of Appeal (Civil Division) decision of Lord Justices Auld, Mummery and Buxton dated 8th December 2003. A full text of the judgment is available from the Court Service website at www.courtservice.gov.uk

web version 4 27/02/06 1

The DPA applies only to ‘personal data’ and therefore a clear understanding of what is meant by this term is essential for compliance with its provisions. The DPA defines personal data in section 1(1) as:

"data which relate to a living individual who can be identified –


  1. (a) from those data, or
     
  2. (b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller,
  3. and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual."

    In the Durant case the Court of Appeal did not consider the issue of the identifiability of an individual .This is often the starting point in developing an understanding of personal data. Instead, the Court of Appeal in this case concentrated on the meaning of "relate to" in that definition, identifiability not being an issue in the case.

    The Court of Appeal concluded that data will relate to an individual if it:

    "is information that affects [a person’s] privacy, whether in his personal or family life, business or professional capacity".

    This suggests to the Commissioner that in cases where it is not clear whether information relates to an individual you should take into account whether or not the information in question is capable of having an adverse impact on the individual. The Court identified two notions that may assist in determining whether information "is information that affects [an individual’s] privacy" and, therefore, "relates to" an individual:

    "The first is whether the information is biographical in a significant sense, that is, going beyond the recording of [the individual’s] involvement in a matter or an event which has no personal connotations…"

    The second concerns focus. "The information should have the [individual] as its focus rather than some other person with whom he may have been involved or some transaction or event in which he may have figured or have had an interest …"

    Where an individual’s name appears in information the name will only be ‘personal data’ where its inclusion in the information affects the named individual’s privacy. Simply because an individual’s name appears on a document, the information contained in that document will not necessarily be personal data about the named individual.

    web version 4 27/02/06 2

    2 See European Court of Justice decision in Bodil Lindqvist v Kammaraklagaren (2003) C-101/01, paragraph 27, as referred to in paragraph 28 of the Durant judgment.

    3 See Lindqvist case (see above), paragraph 27, and Durant at paragraph 28.

    It is more likely that an individual’s name will be ‘personal data’ where the name appears together with other information about the named individual such as address, telephone number2 or information regarding his hobbies3.

    As such, marketing lists containing a name together with contact details such as address and/or telephone number and/or e-mail will be personal data.

    Provided the information in question can be linked to an identifiable individual the following are also examples of personal data:

    1. • information about the medical history of an individual;
       
    2. • an individual’s salary details;
       
    3. • information concerning an individual’s tax liabilities;
       
    4. • information comprising an individual’s bank statements; and
       
    5. • information about individuals’ spending preferences.

    These types of information may be contrasted with the following examples of information which will not normally be personal data:

    1. • mere reference to a person’s name where the name is not associated with any other personal information;
       
    2. • incidental mention in the minutes of a business meeting of an individual’s attendance at that meeting in an official capacity; or
       
    3. • where an individual’s name appears on a document or e-mail indicating only that it has been sent or copied to that particular individual, the content of that document or e-mail does not amount to personal data about the individual unless there is other information about the individual within it.

    The following comments of Lord Justice Auld indicate some practical implications of the Court of Appeal’s interpretation of ‘personal data’:

    - "not all information retrieved from a computer search against an individual’s name or unique identifier is personal data";

    - "[section 7 DPA] is not an automatic key to any information, readily accessible or not, of matters in which [the party making the request for information] may be named or involved";

    - "the mere fact that a document is retrievable by reference to [the applicant for information’s] name does not entitle him to a copy of it under the Act".

    Information that has as its focus something other than the individual will not be ‘personal data’. For example, information that focuses on a property (e.g. a structural survey) is not ‘personal data’, nor is information about the

    web version 4 27/02/06 3

    4 A "relevant filing system" is defined in section 1(1) of the DPA as "any set of information relating to individuals to the extent that, although the information is not processed by means of equipment operating automatically in response to instructions given for that purpose, the set is structured either by reference to the individual or to criteria relating to individuals, in such a way that specific information relating to a particular individual is readily accessible".

    performance of an office department or a branch of a chain of stores. While such information may include information ‘about’ an individual, where the focus of the information is something other than the individual, such information will not ‘relate to’ the individual and, therefore, is not personal data.

    However, there are many circumstances where information, for example about a house or a car, could be personal data because that information is directly linked to an individual. One example would be a valuation of a house where this was being used in order to determine the assets of a particular individual in a matrimonial dispute. Another example would be the details of a car photographed by a speed camera where those details are used to direct a notice of intention to prosecute to the registered keeper of the vehicle.

    Manual files covered by the DPA 1998

    The Act only applies to "personal data". "Data" as defined by the DPA includes both information held on computer and manual information provided the manual data is organised into a "relevant filing system"4.

    In the Durant case the Court of Appeal took the view that the Act intended to cover manual files "only if they are of sufficient sophistication to provide the same or similar ready accessibility as a computerised filing system".

    Any manual filing system "which, for example, requires the searcher to leaf through files to see what and whether information qualifying as personal data of the person who has the made the request [for access to his personal data] is to be found there, would bear no resemblance to a computerised search." It would not, therefore, qualify as a relevant filing system.

    The judgment concluded that:

    "a ‘relevant filing system’ for the purposes of the Act, is limited to a system:

    1) in which the files forming part of it are structured or referenced in such a way as to clearly indicate at the outset of the search whether specific information capable of amounting to personal data of an individual requesting it under section 7 is held within the system and, if so, in which file or files it is held; and

    2) which has, as part of its own structure or referencing mechanism, a sufficiently sophisticated and detailed means of

    web version 4 27/02/06 4

    5 "Accessible records" are records relating to health, education and certain other accessible public records. See s.68 and Schedule 12 DPA for further information.

    readily indicating whether and where in an individual file or files specific criteria or information about the applicant can be readily located".

    The judgment includes some helpful statements as to the effect of this interpretation as follows:

    - "the protection given by the legislation is for the privacy of personal data, not documents";

    - "if the [DPA] statutory scheme [for the handling of manual personal data] is to have any sensible and practical effect, it can only be in the context of filing systems that enable identification of relevant information with a minimum of time and costs, through clear referencing mechanisms within any filing system potentially containing personal data…";

    - "to qualify [as a relevant filing system] under … the Act … requires … a file to which [a] search [for personal data] leads to be so structured and/or indexed as to enable easy location within it or any sub-files of specific information about the data subject that he has requested"; and

    - "… it is only to the extent that manual filing systems are broadly equivalent to computerised systems in ready accessibility to … personal data that they are within the system of data protection".

    In the Information Commissioner’s view it follows, therefore, that when a subject access request is received for information held in manual form (other than information contained in an "accessible record"5), the statutory right to be given access to personal data will only apply if the filing system is structured as a ‘relevant filing system’. That is to say, the filing system is structured in such a way as to allow the recipient of the request to:

    Either:

    (a) - know that there is a system in place which will allow the retrieval of file/s in the name of an individual (if such file/s exists); and

    - know that the file/s will contain the category of personal data requested (if such data exists); or

    (b) - know that there is a system in place which will allow the retrieval of file/s covering topics about individuals (e.g. personnel type topics such as leave, sick notes, contracts etc); and

    - know that the file/s are indexed/structured to allow the retrieval of information about a specific individual (if such information

    web version 4 27/02/06 5

    6 FOIA does not cover private or voluntary sector bodies save where they carry out public functions for a public sector body. For further information on the impact of FOIA on the meaning of ‘personal data’ see "Freedom of Information Act 2000: An Introduction" available from the Commissioner’s website at www.ico.gov.uk. Also, see "FOI Awareness Guidance No. 1 on Personal Information" which can also be found on the Commissioner’s website. The relevant provisions of the FOIA, amending the DPA, are sections 68 to 73 inclusive and Schedule 6.

    exists)(e.g. the topic file is subdivided in alphabetical order of individuals’ names).

    Where manual files fall within the definition of relevant filing system, the content will either be so sub-divided as to allow the searcher to go straight to the correct category and retrieve the information requested without a manual search, or will be so indexed as to allow a searcher to go directly to the relevant page/s.

    For example, a set of legal files containing files divided into sections for legal aid, pleadings, orders, correspondence by year, instructions to counsel, counsel’s advice, will not be a relevant filing system because the divisions/referencing do not assist a searcher in retrieving the required personal information without the need to leaf through the file contents. It is important to note that the Freedom of Information Act 2000 ("FOIA") will, in 2005, amend the DPA to expand the definition of "data" by adding an additional category of data, known as "category "e" data". As a result of the expanded definition, public sector bodies caught by FOIA will be obliged to give data subjects access to this additional category of data. Public authorities should also note that category "e" data must be accurate and up to date and that the rectification provisions of the DPA will apply in respect of such data (subject to transitional relief).6

    Where information is filed in a system using individuals’ names as file names, the system may not qualify as a relevant filing system if the indexing/referencing/sub-division is structured otherwise than to allow the retrieval of personal data without leafing through the file. A filing system containing files about individuals, or topics about individuals, where the content of each file is structured purely in chronological order will not be a relevant filing system as the files are not appropriately structured/indexed/divided or referenced to allow the retrieval of personal data without leafing through the file.

    Personnel files and other manual files using individuals’ names or unique identifiers as the file names, which are sub-divided/indexed to allow retrieval of personal data without a manual search (such as, sickness, absence, contact details etc.), are likely to be held in a ‘relevant filing system’ for the purposes of the DPA. However, following the Durant judgment it is likely that very few manual files will be covered by the provisions of the DPA. Most information about individuals held in manual form does not, therefore, fall within the data protection regime.

    web version 4 27/02/06 6

     

    ==========================================================

     

    -----Original Message-----

    From: Waghorn, Debbie [mailto:[email protected]]

    Sent: 27 June 2006 19:21

    To: Richard Ansell

    Cc: Matthew J. Negus; Matthew J. Negus

    Subject: Microfiche records

    >

    Richard

    Further to our recent telephone conversations, here is my letter outlining our microfiche storage and retrieval process. Hopefully I have included sufficient information to enable you to form a view. If you require any further clarification, please let me know.

    I also confirm that Abbey does not have any objections to the earlier email correspondence between you and me (dated 23rd & 24th March) being released as part of the Freedom of Information request that the Information Commissioner has received.

    Regards

    Debbie Waghorn

    Head of Data Protection

     

    ==========================================================

     

    Requests for Information – Review Procedure

    Although the EIR is the only legislation that requires the Information Commissioner to have a review procedure, this procedure will be adopted for use in relation to complaints made to the Information Commissioner regarding any request for information.

    Any applicant for information may make representations to the Information Commissioner if it appears to them that he has failed to comply with any of his duties to:

    · make environmental information available in accordance with the EIR,

    · provide a data subject with access to his personal data in accordance with the DPA,

    · provide a right of access to information held by the Information Commissioner in accordance with the FOIA.

    These representations must be made in writing within 40 working days of the date on which it appears to the applicant that the Information Commissioner is in breach of his duty.

    When such representations have been received they must immediately be copied to the Information Request Co-ordinator who will log the complaint and send an acknowledgement letter to the applicant.

    The Information Request Co-ordinator will notify the Information Requests Board (IRB) and the relevant request handler of the complaint and refer it, together with the Request Report to the complaint handler.

    The complaint will not be handled by anyone who dealt with the original decision, although it may be necessary to consult the original request handler and/or the Chair of the IRB. It will be referred either to an Assistant Commissioner or the Chief Operating Officer provided they were not involved in the original decision or a Deputy Commissioner. Any legal advice will be provided by a solicitor not involved in advising on the original request. Advice may also be sought by the complaint handler from a FOI Complaints Resolution Manager.

    The complaint handler will consider the representations and any supporting evidence produced by the applicant and decide if the Information Commissioner has complied with his duties.

    Where the request relates to personal data in accordance with the DPA or environmental information in accordance with the EIR, the applicant will be notified of the decision in writing within 40 working days of receipt of the representations. Where the request relates to information held by the Information Commissioner in accordance with the FOIA, the applicant will be notified of the decision in writing within 20 working days of receipt of the representations. If it is decided that the Information Commissioner has not complied with his duties the breach shall be remedied immediately and the IRB and request handler will be notified. The complaint handler will liaise with the Information Request Coordinator to ensure the proper recording and processing of the internal review.

    If the applicant remains dissatisfied, he has the right to make a formal complaint/request for a decision notice to the Information Commissioner. Details of the Information Commissioner’s enforcement powers and the appeal procedure is attached.

    Should the applicant do this, the complaint will be dealt with as any other similar request by a FOI Complaints Resolution Manager not previously involved in consideration of the request. Legal advice will be provided by a lawyer not involved in the original decision or review (a Principal Solicitor where possible).

    In the event that a decision notice is appealed, the Information Commissioner himself will be consulted and advised by a FOI Complaints Resolution Team member and a lawyer not previously involved in dealing with the request, internal review or complaint.

    SUMMARY OF INFORMATION COMMISSIONER’S ENFORCEMENT POWERS AND APPEAL PROCEDURES

    1. If you are dissatisfied with the handling of a subject access request

    A dissatisfied data subject can request the Information Commissioner to assess whether it is likely or unlikely that the processing has been carried out in compliance with the DPA.

    If the Information Commissioner has received a request for assessment or reasonably requires any information to determine whether the data controller has complied/is complying with the data protection principles, he can serve an information notice requiring the data controller within a specified time to give him information relating to the request/ compliance with the principles.

    If the request for assessment concerns information that it is alleged is processed for artistic, literary, or journalistic purposes, the Information Commissioner can serve a special information notice requiring the data controller, within a specified time, to give him information to enable him to ascertain whether the data are processed only for those purposes, or if they are being processed with a view to publication by any person of any artistic, literary, or journalistic material which the data controller has not previously published.

    If the Information Commissioner is satisfied that the data controller has contravened or is contravening any of the data protection principles he may serve an enforcement notice requiring the data controller to comply with the principle, or to take specified steps, or to refrain from taking specified steps, or to refrain from processing any personal data or personal data of a specified description at all, or for a specified purpose, or in a specified manner.

    Failure to comply with any of the above notices is a criminal offence as is knowingly or recklessly making a false statement in purported compliance with an information or special information notice.

    Individuals who believe they have suffered damage and distress, (or distress alone in the case of processing for the special purposes) as a result of processing in contravention of the Act can apply to court for compensation.

    Individuals can also apply to the court for an order enforcing their rights, for example, subject access.

    There is no direct way of enforcing any Codes of Practice issued by the Information Commissioner but failure to comply may indicate that a breach of the Act is likely.

    The Information Commissioner can also include the detail of any failure to comply with the Act in his report to Parliament on the exercise of his functions.

    The Information Commissioner can apply to a circuit judge, or in Scotland to a Sheriff, for a warrant to:

     

    · enter and search premises,

    · inspect and seize documents or other material, and

    · inspect, examine, operate and test equipment used or intended to be used for the processing of personal data,

     

    if he believes a data controller is contravening or has contravened any of the data protection principles, or that an offence under the DPA has been, or is being committed.

    Appeals

    A data controller can appeal against an enforcement, information or special information notice to the Information Tribunal.

    Individuals whose complaints are not upheld by the Information Commissioner can ask the Information Commissioner to review the decision but there is no right of appeal.

    Any person directly affected by the issue of a national security certificate signed by a Minister of the Crown in accordance with section 28(2) may appeal to the Tribunal against the certificate.

    2. If you are dissatisfied with the handling of a request for environmental information

    If an applicant believes that a public authority has not made environmental information available to him, in breach of the regulations, and he has been through the internal review procedure, he can apply to the Information Commissioner for a decision whether in any specified respect that public authority has dealt with the request for information in accordance with Parts 2 and 3 of the Environmental Information Regulations 2004.

    If the Information Commissioner believes the public authority has failed to provide information or to confirm or deny its existence where it is required to do so, or it has not communicated the information in the manner required by the regulations, or the refusal notice is incorrect, the Information Commissioner must specify what steps must be taken and within what time scale.

    If the Information Commissioner has received a request for a decision notice or reasonably requires information to determine whether the public authority has complied with the Parts 2 and 3 EIR, or the Codes of Practice, he can issue an information notice requiring the public authority to provide information by a specified date.

    If the Information Commissioner is satisfied that the public authority has contravened or is contravening any of the requirements of Parts 2 or 3 EIR he may serve the public authority with an enforcement notice requiring it to take specified steps for complying with those requirements, within a specified period.

    The Information Commissioner can apply to a circuit judge, or in Scotland to a Sheriff, for a warrant to:

     

    · enter and search premises,

    · inspect and seize documents or other material, and

    · inspect, examine, operate and test equipment where information may be recorded,

     

    if he believes a public authority have failed to comply with Parts 2 and 3 EIR, or a decision notice requiring steps to be taken, or an information or enforcement notice, or that the public authority is committing the offence of altering, defacing, blocking, erasing, destroying or concealing any record to prevent its disclosure, following receipt of a request for that information.

    There is no civil right of action for applicants to pursue a remedy through the courts.

    If the Information Commissioner believes that a public authority’s practices do not conform with any Code of Practice issued under these regulations he may issue a written practice direction specifying in what respect the practices do not conform and the steps the public authority ought to take.

    Appeals

    Both the applicant and the public authority can appeal a decision notice to the Information Tribunal.

    A public authority can appeal an information or enforcement notice to the Information Tribunal.

    Any party to a an appeal can appeal the Tribunal’s decision on a point of law to the High Court if the public authority address is in England or Wales, Court of Session if the public authority address is in Scotland, or High Court of Northern Ireland if the public authority address is in Northern Ireland.

    Where a certificate has been issued supporting the use of the security exemptions under regulation 15, the Commissioner, or any applicant whose request for information is affected by the issue of the certificate may appeal to the Information Tribunal against the certificate.

    3. If you are dissatisfied with the handling of any other request for information (an FOIA request)

    If an applicant believes that a public authority has failed to make information available to him, in contravention of Part I of the FOIA, and he has exhausted any internal review procedure, he can apply to the Information Commissioner for a decision whether in any specified respect the public authority has dealt with their request for information in accordance with Part I of the FOIA.

    If the Information Commissioner believes a public authority has failed to provide information or to confirm or deny its existence where it is required to do so, or it has not communicated the information in the manner required by the FOIA, or the refusal notice is incorrect, the Information Commissioner must specify what steps must be taken and within what time scale.

    If the Information Commissioner has received a request for a decision notice or reasonably requires information to determine whether a public authority has complied with the Part I of the FOIA or the Codes of Practice, he can issue an information notice requiring it to provide information by a specified date.

    If the Information Commissioner is satisfied that a public authority has contravened or is contravening any of the requirements of Part I he may serve the public authority with an enforcement notice requiring it to take specified steps for complying with those requirements, within a specified period.

    The Information Commissioner can apply to a circuit judge, or in Scotland to a Sheriff, for a warrant to:

     

    · enter and search premises,

    · inspect and seize documents or other material, and

    · inspect, examine, operate and test equipment where information may be recorded,

     

    if he believes a public authority have failed to comply with Part I, or a decision notice requiring steps to be taken, or an information or enforcement notice, or that it is committing the offence of altering, defacing, blocking, erasing, destroying or concealing any record to prevent its disclosure, following receipt of a request for that information.

    There is no civil right of action for applicants to pursue a remedy through the courts.

    If the Information Commissioner believes that a public authority’s practices do not conform with any Code of Practice issued under the FOIA he may issue a written practice direction specifying in what respect the practices do not conform and the steps it ought to take.

    Appeals

    Both the applicant and the public authority can appeal a decision notice to the Information Tribunal.

    A public authority can appeal an information or enforcement notice to the Information Tribunal.

    Any party to a an appeal can appeal the Tribunal’s decision on a point of law to the High Court if the public authority address is in England or Wales, Court of Session if the public authority address is in Scotland, or High Court of Northern Ireland if the public authority address is in Northern Ireland.

    Where a certificate has been issued supporting the use of either of the two security exemptions under sections 23 and 24, the Commissioner, or any applicant whose request for information is affected by the issue of the certificate may appeal to the Information Tribunal against the certificate.

    Note

    It is important to note that the Information Commissioner has discretion as to whether to issue an information or enforcement notice in any particular case and he will not do so in every case.

    In exercising discretion the Information Commissioner will take into consideration all the circumstances of the case including the effect of the breach on the applicant, whether the breach has been remedied, whether the breach appears to be an isolated incident or suggests a systematic breach, and whether the public interest will be served by enforcement.

Link to post
Share on other sites

so in essence, this basically means that Abbey can use the Microfiche argument until further notice?

Abbey £4340.59 *WON* Jan 07

 

Abbey II MCOL 31/03/07 £8800.00

 

Please note..I AM NOT AN EXPERT ANYTHING WHAT I POST IS PURELY MY OPINION AND MAY BE WRONG IT IS JUST BASED ON MY UNDERSTANDING OR EXPERIENCE

 

Read my latest claim its a fast track potentially

http://www.consumeractiongroup.co.uk/forum/abbey-bank/61406-noobrider-abbey-take-2-a.html?highlight=noobrider

 

read my first claim which includes attending a directions hearing in court

http://www.consumeractiongroup.co.uk/forum/abbey-bank/10576-noobrider-abbey.html?highlight=noobrider

Link to post
Share on other sites

Abbey supplied me with microfinch info on my account with no mention of payment and additionally sent microfinch info for someone elses account also free of charge. As I do not have a name for the account holder I am still wondering what I should do with this. Abbey had the cheek to tell me that under the DPA I had no right to this info and advised to hand it in to local branch imediately or destroy it. The attitude implied that I had done something wrong.

Link to post
Share on other sites

The ICO have managed the considerable feat of providing a substantial volume of information without really answering the questions I posed.

 

I plan to go through this thoroughly over the weekend and I am also waiting for input from BF but at first glance, I think they have a novel way of interpreting their statutory duty which is to protect data subjects.

Link to post
Share on other sites

Edit....

AND why won't they allow the Data Protection Act non compliance cases to go to court ? If a DPA claim does go to court will the Information Commissioners Office be involved ? How would the judge make a decision ?

 

I posed a question around this recently but nobody replied.

 

Has Abbey actually settled a DPA claim out of court?

 

I have an Allocation Hearing on my DPA action against Abbey on 15th August and I have had nothing back from DLA now for a week after I told them that I was not willing to withdraw my DPA claim.

Abbey - Won DPA Claim - Aug 06 and got bailiffs in to recover my court costs of just £30.00

Abbey - Won Charges Refund of £1050 - Nov 06

Egg - Recovered £220 due to Customer Services misinformation - Feb 2007

Nat West - Prelinimary Letter to recover on Credit Card charges £30.00 sent March 2006. £25.40 offered - rejected and the bank reckons that this is it's last word on the matter. We'll see if that's still the case when it reads my N1 form sent recently. It has until the 17th April to respond or the N1 will be submitted.

 

Please check out my web site www.BankChargesScandal.co.uk for Research, Useful links and my story.

Link to post
Share on other sites

Seminole

 

the point about personnel searchng through boxes to find data appears to be a red herring to me.

 

I cant say that I know abbys system, but it seems to me that anyone using a storage system will have in place, information (an indexing system) to allow them to find specific records.

 

Depending on their individual needs as a company will determine how precise the location of a given record needs to be.

 

I cant see that in reality Abbey and indeed any other bank, doesnt have the data for account holders stored in such a way as to make it relativley easy to retrieve.

 

I.E. I cant see them having to search a building/room/shelf/box to find out if it contains any data about a person which seems to be the problem with manual records from the Data Protection Act viewpoint.

 

But rather they will use an index system to locate the relevant data and find it on each microfiche film.

 

In other words they will know which room/shelf/box/film to pick a specific films and using a particual methedology will locate an individuals record in a particular spot on a given film.

 

I cant see they simply wander into the room select boxes and films effectivley at random, even within a specific period, to determine if it holds data for a given individual.

 

Is this somehting worth putting to them?

 

JMHO

 

Glenn

Kick the shAbbey Habit

 

Where were you? Next time please

 

 

Abbey 1st claim -Charges repaid, default removed, interest paid (8% apr) costs paid, Abbey peed off; priceless

Abbey 2nd claim, two Accs - claim issued 30-03-07

Barclaycard - Settled cheque received

Egg 2 accounts ID sent 29/07

Co-op Claim issued 30-03-07

GE Capital (Store Cards) ICO says theyve been naughty

MBNA - Settled in Full

GE Capital (1st National) Settled

Lombard Bank - SAR sent 16.02.07

MBNA are not your friends, they will settle but you need to make sure its on your terms -read here

Glenn Vs MBNA

Link to post
Share on other sites

Edit.....

 

I cant see they simply wander into the room select boxes and films effectivley at random, even within a specific period, to determine if it holds data for a given individual.

 

Is this somehting worth putting to them?

 

JMHO

 

Glenn

 

Abbey's system is quite straightforward. It is adequately described in the DPA defense documents that are being filed by DLA. To my mind (and it's not a legal one), if you can adequately describe a filing system in less than half a page of A4 any half literate monkey would be able to take that information and quickly find the information that is required. This would also seem to be bourne out in the speed at which Abbey appears to be able to produce duplicate statements from data that's supposed to be archived.

 

Somewhere on these forums there is a user who claims to have worked in the Microfiche department at Abbey in Milton Keynes. I have not seen any revelations from this person, but I would love to find out some more.

Abbey - Won DPA Claim - Aug 06 and got bailiffs in to recover my court costs of just £30.00

Abbey - Won Charges Refund of £1050 - Nov 06

Egg - Recovered £220 due to Customer Services misinformation - Feb 2007

Nat West - Prelinimary Letter to recover on Credit Card charges £30.00 sent March 2006. £25.40 offered - rejected and the bank reckons that this is it's last word on the matter. We'll see if that's still the case when it reads my N1 form sent recently. It has until the 17th April to respond or the N1 will be submitted.

 

Please check out my web site www.BankChargesScandal.co.uk for Research, Useful links and my story.

Link to post
Share on other sites

FWIW Odd Fellow

 

I came up with my ideas about the michrofiche system abbey or indeed any bank would use based on using them to find books in a libabry some while ago i think it was and some common sense.

 

I read the DLA comments and thought at first they had read my post!!

 

Stupid thing is as others on that thread sai, they have just proved the case for the claimant.

 

Glenn

Kick the shAbbey Habit

 

Where were you? Next time please

 

 

Abbey 1st claim -Charges repaid, default removed, interest paid (8% apr) costs paid, Abbey peed off; priceless

Abbey 2nd claim, two Accs - claim issued 30-03-07

Barclaycard - Settled cheque received

Egg 2 accounts ID sent 29/07

Co-op Claim issued 30-03-07

GE Capital (Store Cards) ICO says theyve been naughty

MBNA - Settled in Full

GE Capital (1st National) Settled

Lombard Bank - SAR sent 16.02.07

MBNA are not your friends, they will settle but you need to make sure its on your terms -read here

Glenn Vs MBNA

Link to post
Share on other sites

Odd - this one ?

 

Yes, that's the one.

Abbey - Won DPA Claim - Aug 06 and got bailiffs in to recover my court costs of just £30.00

Abbey - Won Charges Refund of £1050 - Nov 06

Egg - Recovered £220 due to Customer Services misinformation - Feb 2007

Nat West - Prelinimary Letter to recover on Credit Card charges £30.00 sent March 2006. £25.40 offered - rejected and the bank reckons that this is it's last word on the matter. We'll see if that's still the case when it reads my N1 form sent recently. It has until the 17th April to respond or the N1 will be submitted.

 

Please check out my web site www.BankChargesScandal.co.uk for Research, Useful links and my story.

Link to post
Share on other sites

FWIW Odd Fellow

 

I came up with my ideas about the michrofiche system abbey or indeed any bank would use based on using them to find books in a libabry some while ago i think it was and some common sense.

 

I read the DLA comments and thought at first they had read my post!!

 

Stupid thing is as others on that thread sai, they have just proved the case for the claimant.

 

Glenn

 

Well, that's the silly thing about it. A microfiche needs to be adequately indexed so people can quickly find the information on it. I don't see an argument here.

 

The argument that Abbey is putting forward is not that it isn't indexed, it's that it's not a "relevant filing system" under the (not somewhat blured) definition as laid down in the DPA.

 

As I have a DPA legal claim against abbey right now, I am slightly concerned that the ICO's information as posted by Semi in this thread makes the situation very unclear.

 

I am very interested to see Semi's take on it once he's had more time to digest it all.

Abbey - Won DPA Claim - Aug 06 and got bailiffs in to recover my court costs of just £30.00

Abbey - Won Charges Refund of £1050 - Nov 06

Egg - Recovered £220 due to Customer Services misinformation - Feb 2007

Nat West - Prelinimary Letter to recover on Credit Card charges £30.00 sent March 2006. £25.40 offered - rejected and the bank reckons that this is it's last word on the matter. We'll see if that's still the case when it reads my N1 form sent recently. It has until the 17th April to respond or the N1 will be submitted.

 

Please check out my web site www.BankChargesScandal.co.uk for Research, Useful links and my story.

Link to post
Share on other sites

Seminole, I assume you are busy poring over legal issues, comments from ICO etc.

Having had a cursory look at what constitutes a relevant filing system and what doesn't, I am surprised that Mr. Ansell was able to come to such a speedy decision

without apparently probing a little deeper.

 

Why does the bank appear to have two filing systems- the microfiche one seems

to come into effect after two years or so. Why? If the microfiche system is better [and it would appear so since they keep most of their records on it] presumably

because they can store more records in a much smaller space, making it cost

effective too, surely it would be more sensible to use microfiche from day1? The

reason they don't might help us.

 

 

The next question is whether they hold one filing system for our bank

statement information, and our personal notes and communication data on another.

And do they hold all our information on microfiche, or only some of it? And do

the branches hold some of our information, and Head Office other data? If so, is

all of it held on microfiche, or does it depend on what the info is, or who is storing

the info?

 

Until that knowledge at a minimum is known, I cannot see how a judgement can

start to be made. If the data is archived in the right way [and legally it should be]

then to recover the required data should be no more difficult than using a computer.

After all, Libraries across the country have microfiche files available for the general

Public and even a complete novice can get the hang of using them pretty quickly,

so should pose no problems for experienced bank operators.

Link to post
Share on other sites

Until EU Commission and DCA get their act together. the IC is having to follow the guidance issued following the Durant Case.

 

Bird & BirdUpdate to European Commission investigation into the UK implementation of the Data Protection Directive

 

Bird & BirdUpdate to European Commission investigation into the UK ...

Update to European Commission investigation into the UK implementation of the Data Protection Directive 23-05-05. Emily Unwin ...

Link to post
Share on other sites

It hacks me off when public servants, paid out of our taxes, do not do their jobs properly. I have drafted a letter for you which you may want to consider. However it is very aggressive in tone and pretty much sets you on course for a Judicial Review. You should therefore be clear on the legal position and seek your own legal advice before going down this route.

 

 

The Information Commissioner

 

Dear Sir,

 

ABBEY BANK RECORDS

 

I am shocked at the conduct of your office in the above matter and in particular your treatment of me.

 

As I understand it Mr Ansell has had private correspondence with a party against whom there are at least 25 pending applications for Section 42 determination and he has discussed this correspondence with those members of your office considering those applications, both without the knowledge of the other parties. Mr Ansell appears to have expressed an opinion which seems to have fettered your organisation’s discretion without full consideration of the evidence and thus prejudiced those applications and tainted any determination you make.

 

Furthermore Mr Ansell gave an opinion on 24 March 2006 which you state was based on an email received 23 March 2006, effectively giving him a few working hours for cursory consideration. In addition because he made no attempt to take into account all relevant considerations, by for example, but not limited to:

  • Failing to consider how Abbey fulfils their legal and regulatory requirement to maintain a record of all client transactions for five years;
  • Failing to discover and consider the record retention policies of Abbey.

he came to a decision which is ‘Wednesbury’ unreasonable.

 

You acknowledge that this opinion has no statutory basis and therefore it is likely to be ‘ultra vires’. Yet I am aware that it is being used, as if it was a determination, to resist Subject Access Requests. With your knowledge of the current public interest in accessing the personal data held in bank statements and the pending determinations you should have foreseen that your ‘ultra vires’ actions would be so interpreted and yet you appear recklessly indifferent to that result.

 

With regard to my own Freedom of Information Act request you have determined that the documents relating to Abbey’s microfiche system engage section 59 of the Data Protection Act 1998 (Data Protection Act) which makes it an offence to disclose confidential information provided to the Commissioner. However you gave me no opportunity to plead my position before coming to this decision and thus treated me in a procedurally unfair manner. I would strongly argue that these documents are covered by the exemptions contained in section 59(2)(d) the disclosure is made for the purposes of any proceedings and 59(2)(e) … the disclosure is necessary in the public interest. Yet once again you have failed to take into account all relevant considerations and come to a ‘Wednesbury’ unreasonable decision.

 

Finally you suggest that I should appeal to your organisation against this decision. This appears to breach directly Article 6 of the European Convention of Human Rights which guarantees a hearing by an independent and impartial tribunal.

 

In summary I require you to remedy the actions of Mr Ansell and release to me the submissions made by Abbey regarding their microfiche system.

 

Yours

Link to post
Share on other sites

Oh I like this, seems some homework was done here :-)

 

Quite frankly I do not beleive their stories about how they access their microfiche, the IC needs to go in a take a good look at ALL their storage right now!! and start acting like the regulatory body that I think they ought to be and be a little less like the toothless tiger that they are appearing to be

Lula

 

Lula v Abbey - Settled

Lula v Abbey (2) - Settled

Lula v Abbey (3) - Stayed

 

Link to post
Share on other sites

....Why does the bank appear to have two filing systems- the microfiche one seems

to come into effect after two years or so. Why? If the microfiche system is better [and it would appear so since they keep most of their records on it] presumably

because they can store more records in a much smaller space, making it cost

effective too, surely it would be more sensible to use microfiche from day1? The

reason they don't might help us.

 

Its clear that computer based records can be searched and data retrieved far more quickly and cost effectivley than a system which requires manual intervention to find those records, of any kind.

 

Thats the reaosn I suspect for long term storgae of 'old' records and infromation rather than all of it.

 

As has been said, for the system to be a 'relevant filing system' its more to do with the ability to manipulate data in a similar way to a computersied system as i understand it.

 

The thrust of the durrant case seems to rule out data held on files through which you would have to leaf to work out if it contained any personal data.

 

In this case however, i suspect that the bank would know whether they had personal data by referring to their index of such a system. unless the act of searching an index manually would rule this out?

 

It is quite likley that the index system is not manual though because this would require a large telephone style book/s to hold the names, cross referenced to account numbers and possibly addresses to work out if the bank held any relevant data in these files.

 

Its more likley that the index is computerised imho.

 

The more i think about this i cannot see how the commisioner came to the decision and more to the point why they give such 'opinions' bearing in mind their status.

 

Glenn

Kick the shAbbey Habit

 

Where were you? Next time please

 

 

Abbey 1st claim -Charges repaid, default removed, interest paid (8% apr) costs paid, Abbey peed off; priceless

Abbey 2nd claim, two Accs - claim issued 30-03-07

Barclaycard - Settled cheque received

Egg 2 accounts ID sent 29/07

Co-op Claim issued 30-03-07

GE Capital (Store Cards) ICO says theyve been naughty

MBNA - Settled in Full

GE Capital (1st National) Settled

Lombard Bank - SAR sent 16.02.07

MBNA are not your friends, they will settle but you need to make sure its on your terms -read here

Glenn Vs MBNA

Link to post
Share on other sites

I worked in Abbeys Micofiche dept, I know I left there 8 years ago now but I cant beleive that the filling system would change for microfiche, the fiche is held in filling cabnets, each cabnet holds a differnt year, and is in account nnuber order, we would retrive fiche for anyone that sent in a request, ie branches, other depts, customers, and our own dept which was then called General Investments (I dont know if this dept has changed, however, I am sure I may be able to find out) we used to calculate interest for customers who disputed the interest amount that was paid to them, they do have a complete filling system that is easy to access, their fiche is not held in boxes as they are telling everyone.

Birdy

:lol: ABBEY Recovered £5770:lol:

Link to post
Share on other sites

Would you testify to that effect? ;-)

If you feel that we have helped you, or you would like to help keep this web site running so that others can continue to get their money back, please click the donate button at the top of the forum.

Advice & opinions of Dave, The Bank Action Group and The Consumer Action Group are offered informally, without prejudice & without liability.

Use your own judgment. Seek advice of a qualified insured professional if you have any doubts.

 

------------

 

 

Add me as your friend on FaceBook - I need all the friends I can get :-(

 

http://www.facebook.com/profile.php?id=577405151

 

------------

Link to post
Share on other sites

Excellent!

 

However, after a small conversation with the IC the other day, it turns out that they have had over 300 complaints about Abbey re: the DPA request thing, and it's looking like they are going to enter their premesis to investigate their system first hand.

 

If not, then several people may well give you a call ;-)

 

Welcome to the site, by the way ;-)

If you feel that we have helped you, or you would like to help keep this web site running so that others can continue to get their money back, please click the donate button at the top of the forum.

Advice & opinions of Dave, The Bank Action Group and The Consumer Action Group are offered informally, without prejudice & without liability.

Use your own judgment. Seek advice of a qualified insured professional if you have any doubts.

 

------------

 

 

Add me as your friend on FaceBook - I need all the friends I can get :-(

 

http://www.facebook.com/profile.php?id=577405151

 

------------

Link to post
Share on other sites

Well I hope that they are going to be unannounced, what are the penalties for blatantly lying to the Information Commissioner?

 

And I hope it wont be bye bye Birdy after this, you are very welcome :-)

Lula

 

Lula v Abbey - Settled

Lula v Abbey (2) - Settled

Lula v Abbey (3) - Stayed

 

Link to post
Share on other sites

Well I hope that they are going to be unannounced, what are the penalties for blatantly lying to the Information Commissioner?

 

 

I noticed that on the barclaycard response to my SAR they told me they only filed their microfiche in boxes by date order.

 

I dont suppose that abbey told the ICO anyting much different, probably not alie but not the whole truth either.

 

It will be cool when they finally come clean about their systems, just hope justice prevails and that what we all know is proved and a judgement issued accordingly.

 

GLenn

Kick the shAbbey Habit

 

Where were you? Next time please

 

 

Abbey 1st claim -Charges repaid, default removed, interest paid (8% apr) costs paid, Abbey peed off; priceless

Abbey 2nd claim, two Accs - claim issued 30-03-07

Barclaycard - Settled cheque received

Egg 2 accounts ID sent 29/07

Co-op Claim issued 30-03-07

GE Capital (Store Cards) ICO says theyve been naughty

MBNA - Settled in Full

GE Capital (1st National) Settled

Lombard Bank - SAR sent 16.02.07

MBNA are not your friends, they will settle but you need to make sure its on your terms -read here

Glenn Vs MBNA

Link to post
Share on other sites

Do these companies really think that a multi national companie keeps their microfiche records in cardboard boxes on the floor? How stupid do they think we are?

Lula

 

Lula v Abbey - Settled

Lula v Abbey (2) - Settled

Lula v Abbey (3) - Stayed

 

Link to post
Share on other sites

indeed... Even I don't keep my documents like that.. and I'm bad for filing....

Cahoot

JBD issued - 27/07/06, warrant issued 08/08/06

First Direct

Settled in Full

Capital One

Prelim Sent

Citi Financial

Offer of difference betwen £30 and £12

GE Capital - Evans Card, Data Protection Act

Argos Card, DPA

Barclay Card, 8th May-DPA, 14th July- 2nd DPA (asking complete history!!)

Egg Card & Egg Loan,DPA

NatWest Card

LBA

Vodfone

3rd letter re: default

Studio & Ace

Prelim for Studio e-mailed

 

Contents of my posts are purely my own personal opinions, some formed by personal experience and some from research. If in doubt seek qualified legal advice.

 

Link to post
Share on other sites

Do these companies really think that a multi national companie keeps their microfiche records in cardboard boxes on the floor? How stupid do they think we are?

 

In answer to your question, i think they feel the majority of the consumer public are pretty stupid.

 

Hopefully with the help from this site and any others like it they will learn to be a little less smug.

 

I think they also feel that stupidity is not the preserve of their client base either, not when you consider how they seem to treat applications under the DPA, their abuse of the court system, etc.

 

GLenn

Kick the shAbbey Habit

 

Where were you? Next time please

 

 

Abbey 1st claim -Charges repaid, default removed, interest paid (8% apr) costs paid, Abbey peed off; priceless

Abbey 2nd claim, two Accs - claim issued 30-03-07

Barclaycard - Settled cheque received

Egg 2 accounts ID sent 29/07

Co-op Claim issued 30-03-07

GE Capital (Store Cards) ICO says theyve been naughty

MBNA - Settled in Full

GE Capital (1st National) Settled

Lombard Bank - SAR sent 16.02.07

MBNA are not your friends, they will settle but you need to make sure its on your terms -read here

Glenn Vs MBNA

Link to post
Share on other sites

  • Recently Browsing   0 Caggers

    • No registered users viewing this page.

  • Have we helped you ...?


×
×
  • Create New...